summaryrefslogtreecommitdiffstats
path: root/g10
diff options
context:
space:
mode:
Diffstat (limited to 'g10')
-rw-r--r--g10/card-util.c2
-rw-r--r--g10/compress.c28
-rw-r--r--g10/filter.h7
-rw-r--r--g10/getkey.c21
-rw-r--r--g10/gpg.c5
-rw-r--r--g10/import.c6
-rw-r--r--g10/keydb.h8
-rw-r--r--g10/keyedit.c2
-rw-r--r--g10/keylist.c15
-rw-r--r--g10/mainproc.c63
-rw-r--r--g10/options.h4
-rw-r--r--g10/packet.h2
-rw-r--r--g10/passphrase.c5
-rw-r--r--g10/pkclist.c2
-rw-r--r--g10/revoke.c2
15 files changed, 117 insertions, 55 deletions
diff --git a/g10/card-util.c b/g10/card-util.c
index ffb94dae4..587f181f2 100644
--- a/g10/card-util.c
+++ b/g10/card-util.c
@@ -633,7 +633,7 @@ current_card_status (ctrl_t ctrl, estream_t fp,
{
tty_fprintf (fp, " created ....: %s\n",
isotimestamp (info.fpr3time));
- print_keygrip (fp, info.grp2);
+ print_keygrip (fp, info.grp3);
}
tty_fprintf (fp, "General key info..: ");
diff --git a/g10/compress.c b/g10/compress.c
index 61bb756f2..e7a6f2b11 100644
--- a/g10/compress.c
+++ b/g10/compress.c
@@ -309,15 +309,19 @@ int
handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd,
int (*callback)(IOBUF, void *), void *passthru )
{
- compress_filter_context_t *cfx;
int rc;
if(check_compress_algo(cd->algorithm))
return GPG_ERR_COMPR_ALGO;
- cfx = xmalloc_clear (sizeof *cfx);
- cfx->release = release_context;
- cfx->algo = cd->algorithm;
- push_compress_filter(cd->buf,cfx,cd->algorithm);
+ if(cd->algorithm) {
+ compress_filter_context_t *cfx;
+
+ cfx = xmalloc_clear (sizeof *cfx);
+ cfx->release = release_context;
+ cfx->algo = cd->algorithm;
+ if (push_compress_filter(cd->buf, cfx, cd->algorithm))
+ xfree (cfx);
+ }
if( callback )
rc = callback(cd->buf, passthru );
else
@@ -326,16 +330,20 @@ handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd,
return rc;
}
-void
+gpg_error_t
push_compress_filter(IOBUF out,compress_filter_context_t *zfx,int algo)
{
- push_compress_filter2(out,zfx,algo,0);
+ return push_compress_filter2(out,zfx,algo,0);
}
-void
+
+/* Push a compress filter and return 0 if that succeeded. */
+gpg_error_t
push_compress_filter2(IOBUF out,compress_filter_context_t *zfx,
int algo,int rel)
{
+ gpg_error_t err = gpg_error (GPG_ERR_FALSE);
+
if(algo>=0)
zfx->algo=algo;
else
@@ -350,16 +358,20 @@ push_compress_filter2(IOBUF out,compress_filter_context_t *zfx,
case COMPRESS_ALGO_ZIP:
case COMPRESS_ALGO_ZLIB:
iobuf_push_filter2(out,compress_filter,zfx,rel);
+ err = 0;
break;
#endif
#ifdef HAVE_BZIP2
case COMPRESS_ALGO_BZIP2:
iobuf_push_filter2(out,compress_filter_bz2,zfx,rel);
+ err = 0;
break;
#endif
default:
BUG();
}
+
+ return err;
}
diff --git a/g10/filter.h b/g10/filter.h
index cd177f4a4..6daf273fa 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -177,9 +177,10 @@ void unarmor_pump_release (UnarmorPump x);
int unarmor_pump (UnarmorPump x, int c);
/*-- compress.c --*/
-void push_compress_filter(iobuf_t out,compress_filter_context_t *zfx,int algo);
-void push_compress_filter2(iobuf_t out,compress_filter_context_t *zfx,
- int algo,int rel);
+gpg_error_t push_compress_filter (iobuf_t out, compress_filter_context_t *zfx,
+ int algo);
+gpg_error_t push_compress_filter2 (iobuf_t out,compress_filter_context_t *zfx,
+ int algo, int rel);
/*-- cipher.c --*/
int cipher_filter_cfb (void *opaque, int control,
diff --git a/g10/getkey.c b/g10/getkey.c
index 445e8a6a1..1120e883e 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -4136,15 +4136,20 @@ get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk,
*********************************************/
/* Return a string with a printable representation of the user_id.
- * this string must be freed by xfree. */
+ * this string must be freed by xfree. If R_NOUID is not NULL it is
+ * set to true if a user id was not found; otherwise to false. */
static char *
-get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
+get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len,
+ int *r_nouid)
{
user_id_db_t r;
keyid_list_t a;
int pass = 0;
char *p;
+ if (r_nouid)
+ *r_nouid = 0;
+
/* Try it two times; second pass reads from the database. */
do
{
@@ -4191,6 +4196,8 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
else
p = xasprintf ("%s [?]", keystr (keyid));
+ if (r_nouid)
+ *r_nouid = 1;
if (r_len)
*r_len = strlen (p);
return p;
@@ -4200,7 +4207,7 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
char *
get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
{
- char *p = get_user_id_string (ctrl, keyid, 0, NULL);
+ char *p = get_user_id_string (ctrl, keyid, 0, NULL, NULL);
char *p2 = utf8_to_native (p, strlen (p), 0);
xfree (p);
return p2;
@@ -4210,15 +4217,15 @@ get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
char *
get_long_user_id_string (ctrl_t ctrl, u32 * keyid)
{
- return get_user_id_string (ctrl, keyid, 1, NULL);
+ return get_user_id_string (ctrl, keyid, 1, NULL, NULL);
}
/* Please try to use get_user_byfpr instead of this one. */
char *
-get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn)
+get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid)
{
- return get_user_id_string (ctrl, keyid, 2, rn);
+ return get_user_id_string (ctrl, keyid, 2, rn, r_nouid);
}
@@ -4227,7 +4234,7 @@ char *
get_user_id_native (ctrl_t ctrl, u32 *keyid)
{
size_t rn;
- char *p = get_user_id (ctrl, keyid, &rn);
+ char *p = get_user_id (ctrl, keyid, &rn, NULL);
char *p2 = utf8_to_native (p, rn, 0);
xfree (p);
return p2;
diff --git a/g10/gpg.c b/g10/gpg.c
index 1f3314eb3..75eeceb13 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -429,6 +429,7 @@ enum cmd_and_opt_values
oSender,
oKeyOrigin,
oRequestOrigin,
+ oNoSymkeyCache,
oNoop
};
@@ -902,6 +903,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
+ ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"),
/* Dummy options with warnings. */
ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
@@ -3624,6 +3626,7 @@ main (int argc, char **argv)
break;
case oNoAutostart: opt.autostart = 0; break;
+ case oNoSymkeyCache: opt.no_symkey_cache = 1; break;
case oDefaultNewKeyAlgo:
opt.def_new_key_algo = pargs.r.ret_str;
@@ -5214,7 +5217,7 @@ g10_exit( int rc )
/* If we had an error but not printed an error message, do it now.
* Note that write_status_failure will never print a second failure
* status line. */
- if (log_get_errorcount (0))
+ if (rc)
write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL));
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
diff --git a/g10/import.c b/g10/import.c
index ed679d5c0..9fc769df9 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -767,7 +767,7 @@ valid_keyblock_packet (int pkttype)
* Meta data (ring trust packets) are only considered of WITH_META is set.
* PENDING_PKT should be initialized to NULL and not changed by the caller.
* Return: 0 = okay, -1 no more blocks or another errorcode.
- * The int at at R_V3KEY counts the number of unsupported v3
+ * The int at R_V3KEY counts the number of unsupported v3
* keyblocks.
*/
static int
@@ -856,7 +856,9 @@ read_block( IOBUF a, int with_meta,
{
compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
pkt->pkt.compressed->buf = NULL;
- push_compress_filter2(a,cfx,pkt->pkt.compressed->algorithm,1);
+ if (push_compress_filter2 (a, cfx,
+ pkt->pkt.compressed->algorithm, 1))
+ xfree (cfx); /* e.g. in case of compression_algo NONE. */
}
free_packet (pkt, &parsectx);
init_packet(pkt);
diff --git a/g10/keydb.h b/g10/keydb.h
index 69365793c..c65af0204 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -405,10 +405,10 @@ void setup_main_keyids (kbnode_t keyblock);
data structures. */
void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock);
-char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
-char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
-char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn);
-char*get_user_id_native (ctrl_t ctrl, u32 *keyid);
+char *get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
+char *get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
+char *get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid);
+char *get_user_id_native (ctrl_t ctrl, u32 *keyid);
char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 3d4418ead..00b4e7280 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -264,7 +264,7 @@ keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
else
{
size_t n;
- char *p = get_user_id (ctrl, sig->keyid, &n);
+ char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
tty_print_utf8_string2 (fp, p, n,
opt.screen_columns - keystrlen () - 26 -
((opt.
diff --git a/g10/keylist.c b/g10/keylist.c
index bcbad450a..1f501fc97 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1182,7 +1182,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
else if (!opt.fast_list_mode)
{
size_t n;
- char *p = get_user_id (ctrl, sig->keyid, &n);
+ char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
print_utf8_buffer (es_stdout, p, n);
xfree (p);
}
@@ -1553,6 +1553,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
byte fparray[MAX_FINGERPRINT_LEN];
char *siguid;
size_t siguidlen;
+ char *issuer_fpr = NULL;
if (sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30)
@@ -1610,11 +1611,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
else
{
rc = 0;
- sigrc = ' ';
+ sigrc = ' '; /* Note the fix-up below in --list-sigs mode. */
}
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
- siguid = get_user_id (ctrl, sig->keyid, &siguidlen);
+ {
+ int nouid;
+ siguid = get_user_id (ctrl, sig->keyid, &siguidlen, &nouid);
+ if (!opt.check_sigs && nouid)
+ sigrc = '?'; /* No key in local keyring. */
+ }
else
{
siguid = NULL;
@@ -1653,6 +1659,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
for (i = 0; i < fplen; i++)
es_fprintf (es_stdout, "%02X", fparray[i]);
}
+ else if ((issuer_fpr = issuer_fpr_string (sig)))
+ es_fputs (issuer_fpr, es_stdout);
es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
@@ -1661,6 +1669,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
/* fixme: check or list other sigs here */
xfree (siguid);
+ xfree (issuer_fpr);
}
}
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 1af89c501..69de865e7 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1307,7 +1307,7 @@ list_node (CTX c, kbnode_t node)
}
else if (!opt.fast_list_mode)
{
- p = get_user_id (c->ctrl, sig->keyid, &n);
+ p = get_user_id (c->ctrl, sig->keyid, &n, NULL);
es_write_sanitized (es_stdout, p, n,
opt.with_colons?":":NULL, NULL );
xfree (p);
@@ -1710,21 +1710,40 @@ akl_has_wkd_method (void)
}
-/* Return the ISSUER fingerprint string in human readbale format if
- * available. Caller must release the string. */
-static char *
-issuer_fpr_string (PKT_signature *sig)
+/* Return the ISSUER fingerprint buffer and its lenbgth at R_LEN.
+ * Returns NULL if not available. The returned buffer is valid as
+ * long as SIG is not modified. */
+static const byte *
+issuer_fpr_raw (PKT_signature *sig, size_t *r_len)
{
const byte *p;
size_t n;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n);
if (p && n == 21 && p[0] == 4)
- return bin2hex (p+1, n-1, NULL);
+ {
+ *r_len = n - 1;
+ return p+1;
+ }
+ *r_len = 0;
return NULL;
}
+/* Return the ISSUER fingerprint string in human readbale format if
+ * available. Caller must release the string. */
+/* FIXME: Move to another file. */
+char *
+issuer_fpr_string (PKT_signature *sig)
+{
+ const byte *p;
+ size_t n;
+
+ p = issuer_fpr_raw (sig, &n);
+ return p? bin2hex (p, n, NULL) : NULL;
+}
+
+
static void
print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un,
PKT_signature *sig, int rc)
@@ -1761,7 +1780,7 @@ check_sig_and_print (CTX c, kbnode_t node)
int rc;
int is_expkey = 0;
int is_revkey = 0;
- char *issuer_fpr;
+ char *issuer_fpr = NULL;
PKT_public_key *pk = NULL; /* The public key for the signature or NULL. */
int tried_ks_by_fpr;
@@ -1888,13 +1907,14 @@ check_sig_and_print (CTX c, kbnode_t node)
write_status_text (STATUS_NEWSIG, NULL);
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
- if ((issuer_fpr = issuer_fpr_string (sig)))
+ issuer_fpr = issuer_fpr_string (sig);
+
+ if (issuer_fpr)
{
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
log_info (_(" using %s key %s\n"),
astr? astr: "?", issuer_fpr);
- xfree (issuer_fpr);
}
else if (!keystrlen () || keystrlen () > 8)
{
@@ -2001,14 +2021,14 @@ check_sig_and_print (CTX c, kbnode_t node)
const byte *p;
size_t n;
- p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n);
- if (p && n == 21 && p[0] == 4)
+ p = issuer_fpr_raw (sig, &n);
+ if (p)
{
/* v4 packet with a SHA-1 fingerprint. */
free_public_key (pk);
pk = NULL;
glo_ctrl.in_auto_key_retrieve++;
- res = keyserver_import_fprint (c->ctrl, p+1, n-1, opt.keyserver, 1);
+ res = keyserver_import_fprint (c->ctrl, p, n, opt.keyserver, 1);
tried_ks_by_fpr = 1;
glo_ctrl.in_auto_key_retrieve--;
if (!res)
@@ -2375,22 +2395,23 @@ check_sig_and_print (CTX c, kbnode_t node)
}
else
{
- char buf[50];
-
- snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d",
- (ulong)sig->keyid[0], (ulong)sig->keyid[1],
- sig->pubkey_algo, sig->digest_algo,
- sig->sig_class, (ulong)sig->timestamp, gpg_err_code (rc));
- write_status_text (STATUS_ERRSIG, buf);
+ write_status_printf (STATUS_ERRSIG, "%08lX%08lX %d %d %02x %lu %d %s",
+ (ulong)sig->keyid[0], (ulong)sig->keyid[1],
+ sig->pubkey_algo, sig->digest_algo,
+ sig->sig_class, (ulong)sig->timestamp,
+ gpg_err_code (rc),
+ issuer_fpr? issuer_fpr:"-");
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
{
- buf[16] = 0;
- write_status_text (STATUS_NO_PUBKEY, buf);
+ write_status_printf (STATUS_NO_PUBKEY, "%08lX%08lX",
+ (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
}
if (gpg_err_code (rc) != GPG_ERR_NOT_PROCESSED)
log_error (_("Can't check signature: %s\n"), gpg_strerror (rc));
}
+ free_public_key (pk);
+ xfree (issuer_fpr);
return rc;
}
diff --git a/g10/options.h b/g10/options.h
index f186225c6..dab6e9f8b 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -249,7 +249,7 @@ struct
unsigned int allow_weak_digest_algos:1;
unsigned int large_rsa:1;
unsigned int disable_signer_uid:1;
- /* Flag to enbale experimental features from RFC4880bis. */
+ /* Flag to enable experimental features from RFC4880bis. */
unsigned int rfc4880bis:1;
} flags;
@@ -282,6 +282,8 @@ struct
int unwrap_encryption;
int only_sign_text_ids;
+
+ int no_symkey_cache; /* Disable the cache used for --symmetric. */
} opt;
/* CTRL is used to keep some global variables we currently can't
diff --git a/g10/packet.h b/g10/packet.h
index 4f4569f66..e8397eaee 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -620,6 +620,8 @@ int proc_signature_packets_by_fd (ctrl_t ctrl,
int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a);
int list_packets( iobuf_t a );
+char *issuer_fpr_string (PKT_signature *sig);
+
/*-- parse-packet.c --*/
/* Sets the packet list mode to MODE (i.e., whether we are dumping a
diff --git a/g10/passphrase.c b/g10/passphrase.c
index a498f627b..10574ec6a 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
canceled = &dummy_canceled;
*canceled = 0;
+ if (opt.no_symkey_cache)
+ nocache = 1; /* Force no symmtric key caching. */
+
if ( !s2k )
{
log_assert (create && !nocache);
@@ -485,7 +488,7 @@ gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped)
&& pk->keyid[1] != pk->main_keyid[1]);
algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
timestr = strtimestamp (pk->timestamp);
- uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen);
+ uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen, NULL);
orig_codeset = i18n_switchto_utf8 ();
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 6ec5537f5..8b5d0422a 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -1149,7 +1149,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
else
{
size_t n;
- char *p = get_user_id (ctrl, keyid, &n );
+ char *p = get_user_id (ctrl, keyid, &n, NULL);
tty_print_utf8_string ( p, n );
xfree(p);
}
diff --git a/g10/revoke.c b/g10/revoke.c
index 846523295..3a089725c 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -571,7 +571,7 @@ gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce)
kl = opt.keyid_format == KF_NONE? 0 : keystrlen ();
- tmpstr = get_user_id (ctrl, keyid, &len);
+ tmpstr = get_user_id (ctrl, keyid, &len, NULL);
es_fprintf (memfp, "uid%*s%.*s\n\n",
kl + 10, "",
(int)len, tmpstr);